Germany’s Tough Line on Data Transfers to U.S. Is Criticized

By

Natalia Drozdiak

Oct 29, 2015 6:24 am ET

Germany’s federal and regional data protection authorities this week said they wouldn’t approve any new transfers of data to the U.S. — even for transfers based on arrangements different from the trans-Atlantic data-transfer pact knocked down by the European Union’s highest court.

The European Court of Justice this month invalidated a 15-year old agreement, known as Safe Harbor, which allowed businesses to move Europeans’ data, such as employee information, to servers in the U.S. The court ruled that Europeans’ data was insufficiently protected when transferred to the U.S., where it could be accessed by national intelligence services.

Businesses can still transfer that data using more time-consuming and bureaucratic methods, but the court’s ruling calls into question the legal footing for those arrangements as well because it blesses the EU’s national data protection authorities – even those with harsher views of U.S. data privacy rules – with the power to review and challenge those transfers.